JAAS restrict web page access

Hi,
I am planning to implement JASS autherization in my web application.
1. I want to restrict the role to access few certain jsp, servlet pages. What entry should i make in policy file, so that when the role tries to access that jsp file, it should automatically redirect user to some different jsp page.
2. I want to have some Access Control List in authorization, so that the logged in user has access to certain functions, product etc. How can i take help of JAAS.
I can created my own custom ACL and put the same in session. How its different from JAAS.
Thanks
Vinayak

hi,
you should look towards jGuard (jguard.sourceofrge.net) which enable easy JAAS integration into J2ee and wrap the jaas complexity.
sincerly yours,
Charles(jGuard team).

Similar Messages

  • Need help with iPad 2 web page access requiring Adobe Flash Player

    New to apple have iPad 2 WiFi and need to access web pages that utilize adobe flash player what are my options since adobe and apple are not friends

    There are options in the app store, which may or may not work.  iSwifter and puffin are two you may try.......

  • Session Idle time and public web pages access

    Hi
    The idle timeout can happen when authenticated user requests only public web pages on the site (pages in notenforced_list) . Following request to the protected pages is possible only throw the annoying login page.
    I need to configure AM to track access to the public web pages for authenticated users. And so, idle timeout will only possible, if authenticated user actually not sends any requests to the site.
    Please give me an ideas, how it is possible.
    Only one bad solution i know:
    To put hidden image to the all public site pages, which is protected by policy agent. Every request to the public pages will be enforced by policy agent (throw request to the hidden image). And there is no idle timeout when authenticated user actually still active on the site.
    Roman.
    PS: AM 7.1 update 1 on Sun App Server 8.2. Web site on the Sun Web Server 7

    We are find a trouble.
    The answer is for history:
    The idle timeout can happen when authenticated user requests only public web pages on the site (pages in notenforced_list)The idle time can happend only if Policy Agent has no mapping (profile or session) attributes to the HEAD or COOKIE to the HTTP request. If at leats one attribute (profile or session) is mapped, then all work propertly. There is no Access Manager Session Idle timeout in this case.

  • Restricting Web Service Access from specific machines (IP)

    Is there any way by which we can restrict access of our web service to some specific machines i.e., restricting to some specific IPs.

    maybe a Filter helps you since you can know the remoteIP from the httprequest
    http://java.sun.com/products/servlet/Filters.html
    public class TestFilter implements Filter {
    FilterConfig config = null;
    public void init(FilterConfig filterConfig) throws ServletException {
    this.config = filterConfig;
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    HttpServletResponse response = (HttpServletResponse) servletResponse;
    String ssoToken=null;
    System.out.println("+++++++ENTRANDO AL FILTER DE WS++++++++");
    System.out.println("+++++++IPLOCAL++++++++"+request.getLocalAddr());
    System.out.println("+++++++HOSTLOCAL++++++++"+request.getLocalName());
    System.out.println("+++++++IPREMOTE++++++++"+request.getRemoteAddr());
    System.out.println("+++++++HOSTREMOTE++++++++"+request.getRemoteHost());
    System.out.println("+++++++REMOTE USER++++++++"+request.getRemoteUser());
    System.out.println("+++++++Filter chein++++++++");
    filterChain.doFilter(servletRequest,servletResponse);
    System.out.println("***despues de doFilter****");
    public void destroy() {
    config = null;
    }

  • Can I create a web page in Contribute with restricted access?

    We use Contribute to edit and update our property website.  I would like to create a page that will display on the website but only to those that have the login and password to look at it.  Can I do that?

    Hi newworld border,
    You sure can! Select the photos/album and go to Share>export
    In the export window there is a web page button
    hit that and set your options.
    there is also a plugin for iPhoto called BetterHTMLExport for iPhoto on Mac OS X
    This plugin gives you more choices for your web creation.

  • Issues making restricted Printers available via the IIS Web page in Windows 2008 R2

    I've gone through the standard procedure of restricting access to printers by doing the following:
    Remove the Everyone group from Access list on the Security Tab (which removes Print and Read Permissions)
    Add my restricted AD group PRINT-RESTRICT to the Access List (which adds Print and Read Permissions)
    However, once I've removed the Everyone group, those printers are no longer listed on the IIS webpage,
    http://servername/printers
    Users in the restricted group can actually add the printers and use them successfully by going to the Add Printer wizard on their PC, and searching for printers to add in the directory, however I really want one set of instructions for all people to
    add and manage their printers, (and the web page is the simplest method)
    I've tried adding the Everyone group back in with Read Permissions and not Print, however this doesn't fix things. I've also tried adding the PRINT-RESTRICT group into the Print Server object, but no change their either.
    Can anyone help with the permission that controls visibility of the Printer in the IIS web page for Windows 2008 R2 ?
    thanks in advance,

    Good news, I did actually work out a solution.
    Simply give the IUSR account Print access to the restricted use printer. (the printer that has the Everyone group removed)
    Since this is the account that display the web page, as long as that account has access to the printers, the printers continue to be displayed for users to connect to. The solution still restricts the printer, as you need to be in a group or have print rights
    for the user to actually Connect to the printer.

  • The address bar on safari is active but the entire web page is greyed out so i can't access anything , can anyone advise

    the address bar on safari is active but the entire web page is greyed out so i can't access anything , can anyone advise

    Settings>General>Restrictions. You may have disabled changes to location services.

  • How do I set up a Web-based access page to allow access to the internet through my router?

    My wireless router is a WRT54G.  I own/manage several condos in a building and guests change all the time.  I want to set up a network with internet access similar to hotels and airports where access is granted after being directed to a web page and entering a password.  How do I set this up?  (I have several domains/websites if this is needed.)

    Not with standard firmware and no other equipment.
    If you want standard firmware and warranty and service you have to look at more expensive equipment.
    For some WRT54G you can flash 3rd party firmware which opens up the Linux on the router. See the wikipedia article for "WRT54G" for a start. Also check out dd-wrt. Some people there use the WRT in hotspot setups with dd-wrt. They should be able to point you into the right direction.
    Otherwise, what you are able to do with the WRT and standard firmware is radius authentication with WPA or WEP (called WPA Enterprise or similar...). This however, does not redirect you to access through a web site. You have to enter the username and password when you connect wireless to the router on your computer. If it matches you get access. Again: there is no web site involved here and if you don't know the username/password you cannot access anything not even an internal, free homepage. This also does not work for wired access to the router.
    Message Edited by gv on 11-25-2007 08:44 AM

  • How do you revoke a web page's access?

    So a web page asked for access to my computer, and though it had a certificate I've no idea how legit it is or what it wanted access to and tried to click 'no' but this trackpad is still a bit odd (getting used to it also being the click button) and accidentally clicked yes.
    How do I revoke this access?

    Launch the Java Preferences application and open the Security tab. Delete any items in the two lists shown that you don't want.

  • How do I remove the certificat error everytime I try to access the Cisco Unified CM Administration web-page?

    Hi,
    Every time I want to have access to the Cisco Unified CM Console (System version: 7.0.1.11000-2), I use the https://10.10.x.x/ccmadmin/showHome.do homepage on my client computer, but when I open the page, I get a SSL certificate error, stating no trust to this webpage security certificate and if I those "continue to this page (not recommended)", I get access to the Cisco Unified CM Console web page.
    I have tried to add the https://IP-adress to secure web pages in Internet Explorer 7, but this to no avail, it does not help.
    How do I add this certificate to a trusted something, so I do not get this warning every time I open the page?
    Kind regards,
    Carl-Marius

    Hi Michael,
    It worked when I change the IP-address to the name that was written in the certificate, and imported the certificate to Internet Explorer.
    Thank you for your fast and very precise help!
    Kind regards,
    Carl-Marius

  • Access to WPC Web Pages by Anonymous Users?

    Hello,
    i want to give anonymous users access to Web Pages that were created with the Web Page Composer.
    In did the following:
    1. create the Web Pages,Site Navigation etc....
    2. edited the permissions of the site: grant anonymous users Read Access.
    3.included the site navigation into the navigation of the anoymous users
    When i access the portal as anonymous users and try to open a Web Page, i get a logon screen for Authentification.
    I think that there is a problem, that i didn't find any way to set the Authentification Scheme for these Web Pages to "Anonymous". This is the way it has to be done with other iViews.
    When i am accessing the page with an authenticated users, i have no problem with displaying the same Web Pages.
    Is there anywhere an attribute i need to set? Or is it currently not supported?
    Regards,
    Marcus
    Message was edited by:
            Marcus Böhm

    1. Configuration in PCD - go to Content Administration -> Portal Content-> Portal Content -> Web Page Composer -> Container iViews -> WPC
    Default Containers. All of the iViews in this location should have the
    "anonymous" authentication scheme. The next location which should be
    checked is Content Administration -> Portal Content -> Portal Content ->Web Page Composer -> iView Templates. Again all of the iViews should
    have the "anonymous" authentication scheme. The same applies to all the
    templates which reside in Content Administration -> Portal Content ->
    Portal Content -> Web Page Composer -> Page Layout Templates. Finally
    check if all the pages which reside in Content Administration -> Portal
    Content -> Portal Content -> Web Page Composer -> Page Layouts have the
    "anonymous" authentication scheme.
    2. Configuration in KM - make sure that all the pages, which should be
    displayed to an anonymous user have in their permissions the Anonymous
    Users Group.
    3. Security zones - if you go to System Administration -> Permissions ->Security Zones -> com.sap.nw.wpc -> wpc -> no_safety and you open the
    permissions of this object, the Anonymous Users group must be added in
    the list.
    If all mentioned objects have their setting as described and you still
    experience problems (e.g. you see a browser dialog window for
    authentication), the reason most probably is, that the KM is not
    configured for anonymous access. A full description of the needed steps
    is provided with note 837898.

  • How to resolve network issue or dns to access web page on snow leopard server?

    I have my network setup like as follows:
    internet > router 1 > ethernet ports > switch > router 2
    I have a mac osx snow leopard server connected to "router 1", but it is so slow when accessing a web page hosted on the server from a browser on a workstation connected to either router 1 or router 2?
    Is there a problem with my network setup or maybe because I changed the name to newservername.local?

    @Jeff and @Camelot,
    I think it is a DNS issue.  I completely reset the DNS settings on server and the local name with the steps below, but now cannot access the site hosted on the server at all
    I used a modified version of http://www.mkahn.com/2010/09/configuring-dns-on-mac-os-x-10-6-snow-leopard-serve r-for-hosting/ to reset the server set
    1.  Stop DNS Service in Server Admin
    2.  Close Server Admin
    3.  Obtain 10.6 DNS Default files (below)
    4.  Overwrite the DNS files with DNS Default files:
    /etc/dns/loggingOptions.conf.apple
    /etc/dns/options.conf.apple
    /etc/dns/publicView.conf.apple
    /var/named/named.ca/etc/named.conf
    /var/named/named.local
    /var/named/localhost.zone
    5. Restart your server
    All machines have 1ms ping responses within the network including this snow leopard server that I am trying to setup.  There is another test web server that return pages instantly within this network so I doubt it is a network issue, but a DNS issue.

  • How can I set download restrictions on a web page ?

    how can I set download restrictions on a web page ?
    I mean: to make a web site with text and pictures but in a way that the visitors cannot download the pictures or text ?
    Is it possible ?
    Thanks

    Freeway allows you to inject code into the HTML of the page. Upload the movie file to a folder on your server and reference it in the code.
    <script src="http://www.domain.com/Folder-Name/QT-JS.js" language="javascript"> </script>
    <script language="javascript">
    QT_WriteOBJECT('http://www.domain.com/Folder-Name/Movie.mp4' , '640', '496', '', 'AUTOPLAY', 'false', 'CONTROLLER', 'true', 'VOLUME', '50', 'KIOSKMODE', 'true', 'SCALE', 'Aspect') ;
    </script>
    If you are going to go this route it would be better to use HTML5 with flash fallback to cover all browsers and devices...
    http://www.iwebformusicians.com/Website-Movie-Video/Easy-Movie-Player.html
    http://www.iwebformusicians.com/Website-Movie-Video/JW-Media-Player.html
    http://www.iwebformusicians.com/Website-Movie-Video/Fallback-To-Flash.html
    http://www.iwebformusicians.com/Website-Movie-Video/Flow-Player.html

  • Can Virtual PC access the web pages served by my Mac?

    Macs are really awesome for web design. Really wonderful. Sooner or later, though, you run into this one little nagging issue: 85% of the ever-lovin' public uses IE 6. So, you gotta test all your stuff on IE 6 before you release it.
    So. I've just installed XP Pro on Virtual PC 7.0.2 running on OS X 10.4.7. I've got the internet connection working by turning on virtual switch networking, which the program warned me probably wouldn't work with my wireless network (but seems to). The internet connection did not work until I turned this on.
    While doing web development, I turn on Personal Web Sharing and preview my pages by accessing them through http://localhost/. I should be able to access pages served from my Mac from other computers on my network by typing in the IP address shown in System Preferences. Indeed, this has always worked in the past, but from separate computers. My theory is that the virtual PC is a computer on the same network as its host, but when I try to access my Mac's IP from Internet Explorer, it doesn't work. Other web pages work, just not the ones served off my Mac.
    I literally have changed no settings within Windows. The only thing I've changed in VPC is the virtual switch networking thing.
    ipconfig says this:
    Windows IP Configuration
    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . : domain.actdsltmp
    IP Address. . . . . . . . . . . . : 192.168.1.107
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1
    And the TCP/IP prefpane says this:
    IP Address: 192.168.1.101
    Subnet Mask: 255.255.255.0
    Router: 192.168.1.1
    So...looks good, right? Yet it's broken. I'm at a loss. Does anyone know if this is possible at all?
    Thanks,
    -Ryan

    hi there,
    sorry I cannot answer the reason why, but I have the same problem.
    I initially made my website in iweb version 1.x and when I bought the new copy of iweb updated the site to iweb 08
    however since doing so, the minute it was uploaded, I got emails saying that my website had crashed peoples computers and it was slow, something that I had never had before
    having updated the domain to iweb08 I couldnt go back, so rebuilt the site in iweb06 - and since never had a complaint since.
    However forgetting why I decided against using iweb08 to produce my site, when I got my new mac, I recreated my website from scratch in iweb08
    within a couple of hours of uploading the new site, I can various emails saying that the site was crashing peoples computers and again the site was slow, yet I was only upgrading the site, using the same basis for the iweb08
    anyway have gone back to my iweb06 and asked the people that had the problems to try again and low and behold the website is working a dream
    Could someone shed light on why iweb08 creates so many problems for the people viewing the site.
    I viewed the site okay in mozilla firefox, but is does seem to be an issue with PC's and also IE
    I have iweb 2.0.4 currently as its a new imac, and 1.1.2 on my macbook
    the site is with 1and1

  • Need help to access a web page using midlet to retrieve some informations

    Hi everyone i'm trying to access a web page using midlet to retrieve some informations in text format, the web page is [http://daviddurand.info/D228/?villes|http://daviddurand.info/D228/?villes] for my project.
    the problem is that i always get error 10049 in socket::open meaning no adresse could be found i tried IP adresse and still the same.
    i managed to recreate the same web page to test it on local and the surprise that it works fine but when accessing it online i have this error.
    i tried also to get the page i created on a webserver i own to try it saying that there might be security issues but the same error appears again. so help plz
    here is my code :
    package mobileapplication5;
    import java.io.*;
    import javax.microedition.io.*;
    import javax.microedition.lcdui.*;
    import javax.microedition.midlet.*;
    public class GetMidlet extends MIDlet {
    private Display display;
    String url = "http://dayaati.com/villes/index.php?villes";
    public GetMidlet() {
    display = Display.getDisplay(this);
    public void startApp() {
    try {
    getBirthdayFromNameUsingGet(url);
    } catch (IOException e) {
    System.out.println("IOException " + e);
    e.printStackTrace();
    public void pauseApp() {   }
    public void destroyApp(boolean unconditional) {  }
    public void getBirthdayFromNameUsingGet(String url) throws IOException {
              HttpConnection httpConn = null;
              InputStream is = null;
              OutputStream os = null;
              try {
    httpConn = (HttpConnection)Connector.open(url);
    httpConn.setRequestProperty("User-Agent", "Profile/MIDP-2.1 Configuration/CLDC-1.1");
    httpConn.setRequestProperty("Content-Language", "en-US" );
    httpConn.setRequestProperty("Content-Type", "text/html; charset=iso-8859-1");
    httpConn.setRequestProperty( "Connection", "keep-alive" );
    httpConn.setRequestProperty("Content-Length","51200");
              getConnectionInformation(httpConn);
              int respCode = httpConn.getResponseCode();
              if (respCode == httpConn.HTTP_OK) {
                   StringBuffer sb = new StringBuffer();
                   os = httpConn.openOutputStream();
                   is = httpConn.openDataInputStream();
                   int chr;
                   while ((chr = is.read()) != -1)
                   sb.append((char) chr);
                   // Web Server just returns the birthday in mm/dd/yy format.
                   System.out.println(sb.toString());
              else {
                   System.out.println("Error in opening HTTP Connection. Error#" + respCode);
              } finally {
                   if(is!= null)
                   is.close();
                   if(os != null)
                        os.close();
              if(httpConn != null)
                        httpConn.close();
    void getConnectionInformation(HttpConnection hc) {
    System.out.println("Request Method for this connection is " + hc.getRequestMethod());
    System.out.println("URL in this connection is " + hc.getURL());
    System.out.println("Protocol for this connection is " + hc.getProtocol());
    System.out.println("This object is connected to " + hc.getHost() + " host");
    System.out.println("HTTP Port in use is " + hc.getPort());
    System.out.println("Query parameter in this request are " + hc.getQuery());
    **Heeeeeeelp Please**

    [http://java.sun.com/javase/6/webnotes/trouble/TSG-VM/html/crashes.html]
    SIGSEGV (0xb)Most common cause of that is JNI code used directly or indirectly through a 3rd party library.
    64-Bit Server VM (11.2-b01 mixed mode linux-amd64)Conversely that VM gets less traffic than others so you might have hit a bug in it.

Maybe you are looking for